GHSA-7jx5-9fjg-hp4m: OpenClaw ACP client has permission auto-approval bypass via untrusted tool metadata
The OpenClaw ACP client could auto-approve tool calls based on untrusted metadata and permissive name heuristics. A malicious or compromised ACP tool invocation could bypass expected interactive approval prompts for read-class operations.
References
- github.com/advisories/GHSA-7jx5-9fjg-hp4m
- github.com/openclaw/openclaw
- github.com/openclaw/openclaw/commit/12cc754332f9a7c92e158ce7644aa22df79c0904
- github.com/openclaw/openclaw/commit/63dcd28ae0be2de1c75af09cc81841cebeec068f
- github.com/openclaw/openclaw/releases/tag/v2026.2.23
- github.com/openclaw/openclaw/security/advisories/GHSA-7jx5-9fjg-hp4m
Code Behaviors & Features
Detect and mitigate GHSA-7jx5-9fjg-hp4m with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →